Risk | Low |
Patch available | NO |
Number of vulnerabilities | 3 |
CVE-ID | CVE-2023-44318 CVE-2023-44320 CVE-2023-44321 |
CWE-ID | CWE-321 CWE-425 CWE-400 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
SCALANCE S615 EEC - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE MUM856-1 (RoW) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE MUM856-1 (EU) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE MUM853-1 (EU) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M876-4 (NAM) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M876-4 (EU) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M876-3 (ROK) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M876-3 (EVDO) - Hardware solutions / Routers & switches, VoIP, GSM, etc
RUGGEDCOM RM1224 LTE(4G) NAM - Hardware solutions / Routers & switches, VoIP, GSM, etc
RUGGEDCOM RM1224 LTE(4G) EU - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M876-4 - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M874-3 - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M874-2 - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M826-2 SHDSL-Router - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M816-1 ADSL-Router (Annex B) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M816-1 ADSL-Router (Annex A) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M812-1 ADSL-Router (Annex B) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M812-1 ADSL-Router (Annex A) - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE M804PB - Hardware solutions / Routers & switches, VoIP, GSM, etc
SCALANCE S615 - Hardware solutions / Firmware |
Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU83416
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-44318
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
Description
The vulnerability allows a remote user to compromise the target system.
The vulnerability exists due to the use of a hardcoded key to obfuscate the configuration backup that an administrator can export from the device. A remote administrator can obtain a configuration backup and extract configuration information from the exported file.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
SCALANCE S615 EEC: All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-3 (EVDO): All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
SCALANCE M876-4: All versions
SCALANCE M874-3: All versions
SCALANCE M874-2: All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M804PB: All versions
SCALANCE S615: All versions
https://cert-portal.siemens.com/productcert/txt/ssa-180704.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83418
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-44320
CWE-ID:
CWE-425 - Direct Request ('Forced Browsing')
Exploit availability: No
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper authentication when performing certain modifications in the web interface. A remote user can influence the user interface configured by an administrator.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
SCALANCE S615 EEC: All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-3 (EVDO): All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
SCALANCE M876-4: All versions
SCALANCE M874-3: All versions
SCALANCE M874-2: All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M804PB: All versions
SCALANCE S615: All versions
https://cert-portal.siemens.com/productcert/txt/ssa-180704.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU83420
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-44321
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
Description
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists because the application does not properly control consumption of internal resources. A remote administrator can trigger resource exhaustion and perform a denial of service (DoS) attack.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
SCALANCE S615 EEC: All versions
SCALANCE MUM856-1 (RoW): All versions
SCALANCE MUM856-1 (EU): All versions
SCALANCE MUM853-1 (EU): All versions
SCALANCE M876-4 (NAM): All versions
SCALANCE M876-4 (EU): All versions
SCALANCE M876-3 (ROK): All versions
SCALANCE M876-3 (EVDO): All versions
RUGGEDCOM RM1224 LTE(4G) NAM: All versions
RUGGEDCOM RM1224 LTE(4G) EU: All versions
SCALANCE M876-4: All versions
SCALANCE M874-3: All versions
SCALANCE M874-2: All versions
SCALANCE M826-2 SHDSL-Router: All versions
SCALANCE M816-1 ADSL-Router (Annex B): All versions
SCALANCE M816-1 ADSL-Router (Annex A): All versions
SCALANCE M812-1 ADSL-Router (Annex B): All versions
SCALANCE M812-1 ADSL-Router (Annex A): All versions
SCALANCE M804PB: All versions
SCALANCE S615: All versions
https://cert-portal.siemens.com/productcert/txt/ssa-180704.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How can the attacker exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.